I'm not able to connect to websites on Android using OpenVPN Connect but i can connect to the LAN
I have a server setup using on a Raspberry 2 that uses piVpn
/etc/openvpn/server.conf
Code: Select all
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255"
# Add route to Client routing table for the OPenVPN Subnet
push "route 10.8.0.0 255.255.255.0"
# your local subnet
push "route 192.168.0.0 255.255.255.0"
# Set your primary domain name server address for clients
push "dhcp-option DNS 192.168.0.72"
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
#crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
log /var/log/openvpn.log
verb 1
# Generated for use by PiVPN.io
nexus.ovpn
Code: Select all
client
dev tun
proto udp
remote [my public ip] 1194
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server name
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 1
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
...
-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>
after having installed:
Code: Select all
sudo apt-get install openvpn
sudo apt-get install network-manager-openvpn
sudo apt-get install network-manager-openvpn-gnome
sudo apt-get install network-manager-pptp
sudo apt-get install network-manager-vpnc
I can access my devices via ssh and if i browse websites such as
http://whatismyipaddress.com/
I can see my home IP address.
From Android 7 (Nexus 5X) with OpenVPN Client installed (version 1.1.17 (build 76))
I can import the same configuration,
I can connect successfully (both wifi and mobile)
I can ping my home network
I can ssh into my home network
I cannot ping any external website
I cannot browse any external website
for some reasons though i still can seem to receive WhatsApp messages ( that i think runs on port 5223 )
I can run nslookup google.com and I am returned with the correct IP address of the websited, so i don't think it's
a DNS issue.
Note: in the configuratioon above, the DNS is pointing 192.168.0.72 because my vpn server also is the DNS server
Thanks for the help, if more information are needes I will provide them